The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/e39b59b0-f24f-4de5-a21c-c4de34c3a14f | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-12-12T17:57:09.917Z
Updated: 2022-12-12T19:03:00.652Z
Reserved: 2022-11-10T01:31:13.746Z
Link: CVE-2022-3921
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-12T18:15:11.970
Modified: 2023-11-07T03:51:57.957
Link: CVE-2022-3921
JSON object: View
Redhat Information
No data.
CWE
No CWE.